具有OAuth2的Swashbuckle.AspNetCore v1.0.0,流程:应用程序->身份服务器4 [英] Swashbuckle.AspNetCore v1.0.0 with OAuth2, flow : application -> IdentityServer4

查看:122
本文介绍了具有OAuth2的Swashbuckle.AspNetCore v1.0.0,流程:应用程序->身份服务器4的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我似乎无法使.net核心Web API与Swashbuckle(OAuth2)和应用程序流程一起使用。当我单击授权按钮时,Fiddler显示呼叫正常,并且我的本地IdentityServer(4)用access_token进行答复。一切都很好,但是我不认为Swagger会接手,什么也没有发生,并且我不能在没有得到401的情况下触发我的控制器方法。我看不到Cookie,什么也没有。我确定我缺少一些琐碎的东西。有人可以帮我吗?

I can't seem to make my .net core web API work with swashbuckle, OAuth2 with an application flow. When I click the Authorize button, Fiddler shows that the call is OK and my local IdentityServer(4) replies with an access_token. That's all great and all but I don't think Swagger picks this up, there's nothing happening and I can't trigger my controller methods without getting a 401. I see no cookies, nothing. I'm sure I'm missing something super trivial. Can someone help me out?

相关代码:

Startup.cs中的ConfigureServices

ConfigureServices in Startup.cs 

c.AddSecurityDefinition("oauth2", new OAuth2Scheme
{                    
    Type = "oauth2",
    Flow = "application",                      
    TokenUrl = "http://localhost:61798/connect/token",
    Scopes = new Dictionary<string, string>
    {
        { "readAccess", "Access read operations" },
        { "writeAccess", "Access write operations" }
    }
});

在Startup.cs中配置

Configure in Startup.cs 

app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
{
    Authority = "http://localhost:61798",
    RequireHttpsMetadata = false,
    ApiName = "api1",
    AutomaticAuthenticate = true, //Doesn't change anything...
});

....

app.UseSwagger();
app.UseSwaggerUI(c =>
{
    c.SwaggerEndpoint("/swagger/v1/swagger.json", "V1 Docs");
    c.ConfigureOAuth2("Swagger", "swaggersecret", "swaggerrealm", "Swagger UI");                
});

我的IdentityServer配置成功。我可以在Postman和一个简单的客户端中调用此API,而不会出现任何问题。我唯一的问题是Swagger(Swashbuckle.AspNetCore 1.0.0)。

My IdentityServer is configured OK. I can call this API in Postman and a simple client without any problem. My only problem is Swagger (Swashbuckle.AspNetCore 1.0.0).

推荐答案

对于当前项目,我们有一个非常相似的设置。我们的其余api通过jwt承载身份验证和azure ad b2c进行保护。在这种情况下,无法大张旗鼓地自动获取令牌。

We have a very similar setup for a current project. Our rest api is secured with jwt bearer authentication and azure ad b2c. In this case there is no way swagger to pick up automatically the token.

此解决方案对我们来说很完美: https://stackoverflow.com/a/39759152/536196

This solution works perfect for us: https://stackoverflow.com/a/39759152/536196 

services.AddSwaggerGen(c =>
{
    c.OperationFilter<AuthorizationHeaderParameterOperationFilter>();
});

此后,当您运行swagger UI时,应该会看到令牌的其他字段。

After that when you run your swagger UI, you should see an additional field for the token.

这篇关于具有OAuth2的Swashbuckle.AspNetCore v1.0.0,流程:应用程序->身份服务器4的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
C#/.NET最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆